Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/38302e38332e3138382e302f32322d3234203d3e203133333335.roa
File: 38302e38332e3138382e302f32322d3234203d3e203133333335.roa (raw, json)
Hash identifier: ov3ZqP6jiN7cSR/XwriGpMFcKSiH0bdEErZFAioDoh0=
Subject key identifier: 79:4D:E1:33:06:44:CD:3A:38:DB:F6:E6:B7:3F:DF:73:6B:2F:01:8A
Certificate issuer: /CN=78d65d4a22df705beed7b3432fbe48a356597724
Certificate serial: 78F4F8A9EB42C65CEC0D4AF9AD0D9E68601FDD02
Authority key identifier: 78:D6:5D:4A:22:DF:70:5B:EE:D7:B3:43:2F:BE:48:A3:56:59:77:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eNZdSiLfcFvu17NDL75Io1ZZdyQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/38302e38332e3138382e302f32322d3234203d3e203133333335.roa
Signing time: Fri 06 Mar 2026 22:10:30 +0000
ROA not before: Fri 06 Mar 2026 22:05:30 +0000
ROA not after: Fri 05 Mar 2027 22:10:30 +0000
asID: 13335
IP address blocks: 80.83.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/78D65D4A22DF705BEED7B3432FBE48A356597724.crl
rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/78D65D4A22DF705BEED7B3432FBE48A356597724.mft
rsync://rpki.ripe.net/repository/DEFAULT/eNZdSiLfcFvu17NDL75Io1ZZdyQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 18:27:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:f4:f8:a9:eb:42:c6:5c:ec:0d:4a:f9:ad:0d:9e:68:60:1f:dd:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78d65d4a22df705beed7b3432fbe48a356597724
Validity
Not Before: Mar 6 22:05:30 2026 GMT
Not After : Mar 5 22:10:30 2027 GMT
Subject: CN=794DE1330644CD3A38DBF6E6B73FDF736B2F018A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:1e:e5:c0:f4:71:6c:fd:16:7f:59:ab:89:df:
7c:35:52:6f:42:8f:13:a7:48:2e:28:6b:a7:f8:75:
14:65:5e:25:91:fb:60:c5:ab:b4:1b:ca:c5:1d:11:
b0:43:75:c6:6f:7b:7f:c8:cd:8d:53:ea:40:9a:92:
18:19:2f:b8:84:e1:2a:dd:ad:4d:9e:17:86:a3:1e:
0a:5d:1d:54:69:20:55:38:51:bf:46:ca:f4:fc:67:
2f:72:91:68:33:b7:97:60:05:be:8f:c2:e4:a3:6c:
1b:b9:fd:bd:66:40:e7:bc:80:00:8f:25:68:f4:e5:
4d:ab:dd:98:01:e9:7b:9c:b1:4a:27:ae:03:a3:da:
8a:bd:fb:0e:f3:e4:bc:ef:6e:cd:5f:f3:34:17:27:
c1:fa:43:57:09:c7:ec:4e:bd:89:23:5d:d0:a3:f3:
e0:1a:8f:71:1c:30:e8:11:4f:37:41:07:78:1d:28:
99:f6:b0:86:30:c1:e1:b6:18:26:05:05:51:93:62:
ea:01:cb:dc:a3:d5:a1:ab:45:62:13:b0:b2:34:85:
8b:d8:40:d0:58:ae:7c:eb:70:16:2a:f0:ca:c7:21:
57:c4:eb:e3:42:53:8a:fb:70:7c:38:60:c2:b2:c0:
91:59:8c:e6:fe:b9:28:e5:a0:b0:78:af:ad:0e:cb:
1d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:4D:E1:33:06:44:CD:3A:38:DB:F6:E6:B7:3F:DF:73:6B:2F:01:8A
X509v3 Authority Key Identifier:
keyid:78:D6:5D:4A:22:DF:70:5B:EE:D7:B3:43:2F:BE:48:A3:56:59:77:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/78D65D4A22DF705BEED7B3432FBE48A356597724.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eNZdSiLfcFvu17NDL75Io1ZZdyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/38302e38332e3138382e302f32322d3234203d3e203133333335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.83.188.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:98:c6:c3:f7:f7:9d:56:2a:9a:8f:9c:f9:59:b9:ea:01:99:
b9:a5:cb:d8:b4:ab:59:08:61:b0:ec:e5:ab:1d:c8:0b:e6:26:
e2:93:a2:df:7c:df:9e:e0:94:40:ae:f6:54:b3:21:1c:4c:48:
bd:7a:95:e0:90:3b:29:66:45:2b:27:2d:cd:7a:ab:09:68:68:
51:d8:8d:d3:e1:0a:6a:01:71:20:5e:50:9f:fa:a9:0a:11:89:
53:99:be:57:f8:06:84:9f:95:ca:a2:c9:10:95:42:a4:a5:5a:
02:44:3e:8b:b9:64:63:bb:52:d3:49:3e:19:4c:6d:30:15:fb:
fe:eb:1c:dc:f7:82:71:a6:9d:92:52:7f:4a:80:02:24:1d:3d:
f7:86:d5:79:cb:58:fb:fb:d5:9c:64:e9:6e:28:be:23:fe:d1:
e0:15:9c:f9:b4:7d:18:b9:20:6b:00:ab:7d:9f:96:45:95:58:
4b:95:51:e3:0a:ab:e0:ba:ba:ff:36:9a:69:47:c1:53:4b:e2:
34:55:bb:3a:31:1a:bb:af:2c:50:38:51:ff:c1:4e:12:bb:93:
68:f8:c7:26:9a:ea:7e:78:39:37:1c:0b:3f:b1:2d:19:97:22:
9c:00:2d:46:db:64:11:8b:0f:e5:2b:ae:ed:6e:98:b2:36:da:
c6:1a:f7:0e
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUePT4qetCxlzsDUr5rQ2eaGAf3QIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzhkNjVkNGEyMmRmNzA1YmVlZDdiMzQzMmZiZTQ4YTM1
NjU5NzcyNDAeFw0yNjAzMDYyMjA1MzBaFw0yNzAzMDUyMjEwMzBaMDMxMTAvBgNV
BAMTKDc5NERFMTMzMDY0NENEM0EzOERCRjZFNkI3M0ZERjczNkIyRjAxOEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUHuXA9HFs/RZ/WauJ33w1Um9C
jxOnSC4oa6f4dRRlXiWR+2DFq7QbysUdEbBDdcZve3/IzY1T6kCakhgZL7iE4Srd
rU2eF4ajHgpdHVRpIFU4Ub9GyvT8Zy9ykWgzt5dgBb6PwuSjbBu5/b1mQOe8gACP
JWj05U2r3ZgB6XucsUonrgOj2oq9+w7z5Lzvbs1f8zQXJ8H6Q1cJx+xOvYkjXdCj
8+Aaj3EcMOgRTzdBB3gdKJn2sIYwweG2GCYFBVGTYuoBy9yj1aGrRWITsLI0hYvY
QNBYrnzrcBYq8MrHIVfE6+NCU4r7cHw4YMKywJFZjOb+uSjloLB4r60Oyx1VAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUeU3hMwZEzTo42/bmtz/fc2svAYowHwYDVR0j
BBgwFoAUeNZdSiLfcFvu17NDL75Io1ZZdyQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNWFkMTUtYWYwYi00NWNkLWI4ODMtMWEwNThmYTBl
YmExLzAvNzhENjVENEEyMkRGNzA1QkVFRDdCMzQzMkZCRTQ4QTM1NjU5NzcyNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VOWmRTaUxmY0Z2dTE3TkRMNzVJbzFa
WmR5US5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNWFkMTUt
YWYwYi00NWNkLWI4ODMtMWEwNThmYTBlYmExLzAvMzgzMDJlMzgzMzJlMzEzODM4
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzEzMzMzMzMzNS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlBT
vDANBgkqhkiG9w0BAQsFAAOCAQEAT5jGw/f3nVYqmo+c+Vm56gGZuaXL2LSrWQhh
sOzlqx3IC+Ym4pOi33zfnuCUQK72VLMhHExIvXqV4JA7KWZFKyctzXqrCWhoUdiN
0+EKagFxIF5Qn/qpChGJU5m+V/gGhJ+VyqLJEJVCpKVaAkQ+i7lkY7tS00k+GUxt
MBX7/usc3PeCcaadklJ/SoACJB0994bVectY+/vVnGTpbii+I/7R4BWc+bR9GLkg
awCrfZ+WRZVYS5VR4wqr4Lq6/zaaaUfBU0viNFW7OjEau68sUDhR/8FOEruTaPjH
Jprqfng5NxwLP7EtGZcinAAtRttkEYsP5Suu7W6Ysjbaxhr3Dg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 10:28:06 2026 by rpki-client